Comments on How to install Mastodon Social Network with Docker on Ubuntu 22.04 LTS

there is issue in 146 line , the sytax issue yaml: line 146: found character that cannot start any token

Hi Navjot,

I first want to say thank you for providing this tutorial. I mostly referred to this guide when installing my instance. After spending quite a bit of time diagnosing some issues, I finally have a working mastodon server.

 

Just as a reference to others who may encounter some issues, I want to point out that there are a few typos in this guide.

 

In docker-compose.yml, the environment variables should be in quotes as shown:

    environment:

      - "cluster.name=elasticsearch-mastodon"

      - "discovery.type=single-node"

      - "bootstrap.memory_lock=true"

      - "xpack.security.enabled=true"

      - "ingest.geoip.downloader.enabled=false"

      - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"

      - "xpack.license.self_generated.type=basic"

      - "xpack.watcher.enabled=false"

      - "xpack.graph.enabled=false"

      - "xpack.ml.enabled=false"

      - "thread_pool.write.queue_size=1000"

 

Docker kept showing the elasticsearch container as constantly restarting when there were no quotes.

 

There is a spacing typo at: 

networks:

  external_network:

  internal_network:

  internal:true  #there is tab spacing before this line, make sure to remove it.

 

networks:

  external_network:

  internal_network:

    internal:true #there should be four spaces from the edge

 

docker-compose.yml is space sensitive, so if you don't remove it you will get the same error at line 146 like the other commenter, sunny, mentioned.

 

in mastodon.conf, root directory for system location is incorrect. it should be:

 

  location ~ ^/(system/accounts/avatars|system/media_attachments/files) {

    add_header Cache-Control "public, max-age=31536000, immutable";

    add_header Strict-Transport-Security "max-age=31536000" always;

    root /opt/mastodon/web/; ##original value was missing web/

    try_files $uri @proxy;

  }

 

 

 

Helpful tips:

 

##for those of you who want to use email not from a localhost, these settings have never failed for me.##

in appliation.env:

 

SMTP_SERVER=smtp.example.com

SMTP_PORT=587

[email protected]

SMTP_PASSWORD=YOURPASSWORD!

SMTP_AUTH_METHOD=plain

SMTP_OPENSSL_VERIFY_MODE=none

SMTP_ENABLE_STARTTLS=auto

SMTP_FROM_ADDRESS=Mastodon <[email protected]>

 

If you use docker with virtualmin. Typically firewalld is used instead of UFW. For some reason, everytime the server reboots, the docker zone does not apply firewall rules such as postgres port 5432 to the internal_network bridge. I think you may be able to get by by removing "internal:true" in docker-compose.yml, but what worked for me was creating new docker bridges via "docker network create yourbridgename" and setting external:true for both networks.

[example]

networks:

  ext_net_name:

    external: true

  int_net_name:

    external: true

Make sure to update "external_network" and "internal_network" for all components in docker-compose.yml with the newly created bridge name.

 

If you intend to use ipv6 or just want to be ready for it. make sure to add the two lines "listen [::]:80;" and "listen [::]:443 ssl http2;" in the nginx mastodon.conf.

[example]

server {

  listen 80 default_server;

  listen [::]:80; ##add this here

  server_name yourdomain.com;

  location / { return 301 https://$host$request_uri; }

 

server {

   listen 443 ssl http2;

   listen [::]:443 ssl http2; ## and this

   server_name yourdomain.com;

 

I hope this helps!

I just wanted to add to my previous comment, if you don't change:

  location ~ ^/(system/accounts/avatars|system/media_attachments/files) {

    add_header Cache-Control "public, max-age=31536000, immutable";

    add_header Strict-Transport-Security "max-age=31536000" always;

    root /opt/mastodon/web/; ##original value was missing web/

    try_files $uri @proxy;

 

  }

Then you may deal with broken image links. Such as avatars or any other media upload.

Thanks Navjot for this great HowTo! I was able to setup my own Mastodon server :-) 

In addition to the other comments, 1 only had to make 1 adjustment. The ElasticSearch container did not start and had this error in the logs:

ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.

bootstrap check failure [1] of [1]: Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]

So I updated the yaml file to this:

  elasticsearch:

    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.10

    restart: always

    env_file: database.env

    environment:

      - "cluster.name=elasticsearch-mastodon"

      - "discovery.type=single-node"

      - "bootstrap.memory_lock=true"

      - "xpack.security.enabled=true"

      - "xpack.security.transport.ssl.enabled=true"

      - "ingest.geoip.downloader.enabled=false"

      - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"

      - "xpack.license.self_generated.type=basic"

      - "xpack.watcher.enabled=false"

      - "xpack.graph.enabled=false"

      - "xpack.ml.enabled=false"

      - "thread_pool.write.queue_size=1000"

    ulimits:

      memlock:

        soft: -1

        hard: -1

      nofile:

        soft: 65536

        hard: 65536

    healthcheck:

      test: ["CMD-SHELL", "nc -z elasticsearch 9200"]

    volumes:

      - elasticsearch:/usr/share/elasticsearch/data

    networks:

      - internal_network

    ports:

      - '127.0.0.1:9200:9200'

Hope this helps ;-)